7 Replies Latest reply on Apr 14, 2010 8:39 AM by JoeBidgood

    ePO 4.5 best way to duploy

      Hello All,


      I have a test windows 2008 server running ePO 4.5 and I need to add some 20 machines from production server running ePO. Can you give me advice on best way to deploy those machines. So far, I added two machines using manual way but looking alternative way


      Any suggestions?


      Soon I am going to upgrade 3.6.1 to 4.5 using side by side upgrade.

        • 1. Re: ePO 4.5 best way to duploy



          I wanted to let you know that you can browse to the machines from the ePO dashboard and add them one at a time. You can also create a text file to import the machines. You may need to force over existing version.


          To add the machines from the dashboard complete these steps.


               Login to the Dashboard.

               Go to the group where you would like the machines to exist.

               Click on the System Tree Actions

               New Systems

               Under Systems to add click Browse and locate the machine.


            For any information about adding the machines via a text file please see page 119  in the included pdf.


          I hope this helps.




          • 2. Re: ePO 4.5 best way to duploy



            I done that before and there was an error message "failed to authenticate with remote system, system error: access is denied"

            Probaby this is something to do with my access as I tried \\machine\admin$ and same thing happened  "access is denied".


            I will try adding manual...this will work.


            Thanks for your help.

            • 3. Re: ePO 4.5 best way to duploy

              Dude, you have to have an Administrator account before you can do the notepad deployment thingy. This happened to me as well. Deployment and troubleshooting is as easy as pie if all your workstations belong on a domain (therefore you could use a domain admin account for the deployment / troubleshooting). But it is reeeeeeeeeeaaally painful if your workstations are not on a domain and you have no common administrator account per PC.


              If you are to do it manually anyway, i suggest since your the tech guy it will not hurt if you could add a administrator account common to all those machines so troubleshooting will not be as painful as the deployment. (this is only applicable if your workstations are not on a domain)


              Hope this helps

              • 4. Re: ePO 4.5 best way to duploy
                Attila Polinger



                assuming the 20 machines are managed with the production ePO, I think the quickest way of redirecting them to use the test ePO environment is to change sitelist.xml on these hosts. Also assuming that sitelist.xml exist and has the function and structure the same across ePO 4.0 and 4.5 versions.


                Extract the sitelist.xml from the test ePO server - since it is a managed client to itself it has also a McAfee Agent with a sitelist under [drive]:\Documents and Settings\All Users\Application Data\McAfee\Common Framework- and on each would-be test client disable the agent function by issuing a FRMINST.EXE /REMOVE=AGENT command while standing on the McAfee Agent installation directory.

                Then copy the sitelist.xml to a temporary folder on the particular and issue the command FRMINST.EXE /INSTALL=AGENT /SITEINFO=temporary foldername\SITELIST.XML.


                This causes the ePo agent to re-awake and incorporate the new sitelist with the new ePO server information therein. You can check the results in the FRMINST_hostname.LOG under %TEMP%\McAfeeLogs, or via the XML log under http://hostname:8081.



                • 5. Re: ePO 4.5 best way to duploy

                  You shouldn't need to put the agent in unmanaged mode first (using frminst /remove=agent), although it won't actually hurt.


                  Note however that if we are talking about MA4 and above with ePO 4 and above, then in order to use the /siteinfo swicth, you must ensure that the new ePO server's reqseckey.bin and srpubkey.bin key files are present in the same folder as the sitelist.xml.


                  Regards -



                  • 6. Re: ePO 4.5 best way to duploy
                    Attila Polinger



                    does it mean that the .BIN files will actually be imported during the process and the agent will use them to encrypt traffic to the new ePO server (the name of which the new sitelist.contains) ?



                    • 7. Re: ePO 4.5 best way to duploy

                      Correct - without them, the agent will not be able to communicate with the new server. Sitelist by itself is not enough.


                      HTH -